• configuration migration to new hardware

    Ahmad
    Ahmad
    hi, i have 2 XG430 in HA firmware version 20.x, now i want to move to new hardware XGS4300 in HA. please advise how can i migrate configuration from old to new hardware??? what steps should i follow???
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • XGS2100 Throughput

    DDL_123
    DDL_123
    Hello, I have two sites configured with HA XG2100 firewalls, At both sites 1GBe Port2 is the WAN connection this is a 100/100 circuit typically usage is around 30%, 1GBe Port 6 is an MPLS L2 1Gbp/s Circuit that connects both sites. All LAN traffic is…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • 2 Vlan , only one reserved ip possible for one device ??

    helmut willems
    helmut willems
    Hello , I have 2 SSID Data (vlan 10) , building (vlan 20). I have one mobile device who sometimes connect with data , sometimes with building. I can make a reserved IP on Mac adres for vlan Data (10) , but i can not reserve another adres for vlan…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Disable IPSEC Anti Replay Protection SFOS v20

    OliverKnights
    OliverKnights
    Hello, Im trying to test out Cloudflare magicwan and the guide says to disable ipsec anti replay protection. The guide shows a command for sfos v19 however this doesn't seem to exist in v20. The command is: set vpn ipsec-performance-setting anti…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • SFOS 20 IPV6 over PPPoE

    CA VAN LOGGERENBERG​
    CA VAN LOGGERENBERG​
    When will ipv6 be supported over PPPoE ? When I use any other router / firewall I am able to get IPv6 over PPPoE just not via Sophos
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Two Lan Network for Two different WAN

    AlessandroBlasi
    AlessandroBlasi
    Hello Guys, I've tried to search, but without any luck. Basically I have a very simple configuration: LAN1 192.168.X.X --> WAN 1 Now I would like to modify the configuration, in this way: LAN1 192.168.X.X/24 --> WAN 1 LAN2 192.168.Y.Y/24 --> WAN…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • XFRM showing 'not configured' after public IP changes on spoke

    GJN
    GJN
    Hello, we are currently using Sophos Firewalls in a Hub-and-Spoke topology running SFOS 20.0. Some spokes are using WAN connections with dynamic IPs which will change from time to time. On those units we can observe that the corresponding XFRM interface…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • CVE-2020-20813

    Elvys Marchon
    Elvys Marchon
    Hello, I verified that my Sophos XGS SFOS 20.0.0 GA-Build222 has OpenVPN 2.4.7 which is vulnerable to CVE-2020-20813 which according to NIST has a high level. As I use SSL VPN for remote access, I need to know if my firewall is vulnerable. Best Regards…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • xg firewall on aws - locks up at midnight UTC

    solmc
    solmc
    Hi all, Have an xg firewall running 20.0.0-GA that locks up every day or at least every other day just after midnight UTC. Load climbs up over 20 or so, then requires stopping/starting manually in AWS ec2 console. Running on AWS ec2 c4.xlarge in us…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos connect

    Support Ipsilan
    Support Ipsilan
    Hello, we are doing a migration from old XG330 to a XGS3300 I have a question regarding the sophos connect client, which is currently used with the XG. the current sophos client is openvpn 2.3.8 The new one is in version 2.3, but, do we have a…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Mails not more delivered (MTA-Mode). After service smtpd:restart mails successfully delivered, but also very old from February/March/April

    Erik Wi
    Erik Wi
    Hi there, we had a very interesting problem with our Sophos-Firewall and the mailflow on Wednesday. On 2024-06-26 around 08:00am (UTC+2) no more mails were delivered via our Firewall. All mails were visible in the GUI under "Mail logs", but only…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Connect from guest network to VPN

    Sophos User3521
    Sophos User3521
    I have a new xgs ( SFOS 20.0.0 ) and would like for the guest wifi users to be able to connect to our vpn. How can I achive that?
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • XG 136 mit SFOS 20.0.0 hinter einem Exposed Host. Ich bekomme kein DNAT hin

    ChristofS
    ChristofS
    Hallo Gemeinde, bis jetzt hatte ich immer einer SG230 in dieser Konstallation. Diese habe ich nun gegen eine XG136 getauscht und die Firmware SFOS 20.0.0 GA-Build222 ist installiert und die Konfiguration so von der SG230 übernommen Die Reds und…
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Email Notification is not working in Sophos XGs v20.0

    Yuvraj Singh
    Yuvraj Singh
    I tried to configure the email notification for any config changes but somehow It's not working. Getting email has been accepted by device and queued for scanning. Then failed after sometime. Please help me to fix this issue. I have followed the steps…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • An error has occurred in resolving the URL, please update the URL and retry the policy test.

    n4shito
    n4shito
    Greetings community. I have an XGS126 device (SFOS 20.0.0 GA-Build222) I'm trying to do a policy test on google.com, facebook.com, and I get this message: An error has occurred in resolving the URL, please update the URL and retry the policy…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • How to setup Network attack protection

    Søren Jensen
    Søren Jensen
    Hello All, I am a newbee to XG, but have been using UTM9 for some years. In UTM9, I could see a number of attacks being dropped every day. After I changed to XG (version SFVH [SFOS 20.0.0 GA-Build222]) I do no longer see any attacks. I have activated…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • XGS SFP ports not working until you specify interface speed (1G or 10G XGS, v20)

    LHerzog
    LHerzog
    Update to LAG not working unless you specify interface speed Using XGS4500 on 20.0.0 GA-Build22 with XSAZTCHF4 "Sophos FleXi Port Modul 4 port 10GbE SFP+" LACP bonding was not working on PortsA1-A4 unless specifying 10G Interface Speed manually, disabling…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • WAF non-standard ports: 503 Service Unavailable

    woter324
    woter324
    Hi, I have set up a new Web server protection rule following this guide. Everything works fine using port 80, but when I change the port to 1001, I get 503 Service Unavailable: Web server : IIS (Windows 11). Binding: Type: HTTP, IP address: all…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • How do I setup DNS over TLS?

    GodAtum
    GodAtum
    I am using Sophos Firewall SFOS 20.0.0 GA-Build222. How do I setup DNS over TLS (with Cloudflare)? I can't find any instructions on the Sophos help pages.
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • /31 WAN

    Jenny Skinner
    Jenny Skinner
    Hi, Can anyone confirm whether Sophos supports /31 subnet config on WAN interfaces please? XG2100 running SFOS 20.0.0 GA-Build222 Thanks
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN (TCP) Static IP Address issues

    Hugh D
    Hugh D
    Hello, I am experiencing the issues listed in NC-120119 when I am using TCP mode for my SSL VPNs. I have a select number of users who I required to get a static IP address, however when they are connected, if they change network type and it tries…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Site-to-Site connected but no traffic over failover GW

    Werner Smit
    Werner Smit
    Good day, On our XG230 [ SFOS 20.0.0 GA-Build222] we have two IPsec site-to-site tunnels on two different GWs. Both connect to the same remote GW but use Different NATed local Subnets to Fortigate Firewall. IPSec policies are the same no change there…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect 2.2 scx file gateway_order not working

    EastCoastUser
    EastCoastUser
    I have a Sophos that has a publicly accessible IP address which I will call 47.x.x.x, and this same IP is also publicly reachable via DNS name which I will call myhost.com. I have IPsec set up and working on my Sophos v20 firewall. I have Sophos Client…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • mirror rule sets of existing ip/host to new ip/host

    Sophos User1175
    Sophos User1175
    hi all, we have a xgs 4300 v20 i want to give a new ip/host the same rule sets as an existing ip/host how can i do this please? thanks, rob
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS116 FW 20.0 how to logout when connected to wifi via vouchers

    Eva Pavli
    Eva Pavli
    Hello All, I need your assistance regarding an issue I face with an XGS116 FW v 20 with vouchers. To specify, I am able to connect to the wifi via using vouchers, but there is no option for logout button. In addition, I wish to see my remaining…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>